How do I whitelist a domain in office 365?

Office 365 provides protection for your email account with automatic filters that divert suspected spam to a separate folder away from the Inbox. It also has a separate safe sender list that allows senders to be trusted and allow images to be download automatically from the send outs.

While this safeguard is usually helpful, valid emails from companies, colleagues and loved ones may also end up in the spam folder.

Creating a whitelist tells the program which domains it should always allow through and eliminates the possibility of missing legitimate emails. 

Holm Security's recommendation is that whitelisting should only be used during a send out and it should be removed in between send outs to make it a safe a process as possible. 

  1. You must log in to Office 365 as an admin to add domains to the whitelist.
  2. Click the Admin drop-down box at the top of the screen, select Exchange and click the Mail Flow headline.
  3.  Click the plus sign icon and select Bypass spam filtering from the menu.
  4. Type a name for the rule in the appropriate text box. Something simple such as whitelist suffices.
  5. Select The senders domain is… from the Apply this rule if drop-down box.
  6. Enter the domain you want to allow access. Do not include the entire email address; rather, just include the domain from which it originates, such as
    You can find what domains Holm Security is using in the following article:
  7. Click OK when you are done.

    The whitelisting is now done and we continue adding our domains to the safe sender list using Office 365 Poweshell. If you are not familiar with Office Powershell you can read about how to get started in the following link:

  8. Connecting to Office 365 Powershell:
  9. Type in one of the following scripts depending on the datacenter used to add trusted domains:

    Sweden, Stockholm:

    $All = Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited; $All | foreach {Set-MailboxJunkEmailConfiguration $_.Name -TrustedSendersAndDomains "",  "", "", "", "", "", "", "", ""}

    Malaysia, Kuala Lumpur 

    $All = Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited; $All | foreach {Set-MailboxJunkEmailConfiguration $_.Name -TrustedSendersAndDomains "" "", "", "", "", "", "", "", ""}

    This script makes sure that all mailboxes are selected and that our domains are marked as safe for all users.

  10. Make the send out from Security Center.
  11. Type in the following script to remove all trusted domains: 

    $All = Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited; $All | foreach {Set-MailboxJunkEmailConfiguration $_.Name -TrustedSendersAndDomains @null}

    Notice that this will remove ALL trusted domains.

Remember to follow our recommendations and remove the trusted domains after the send out is complete. 

Have more questions? Submit a request


Please sign in to leave a comment.